/*****************************************************************************
 *   Copyright 2005 Tim A Wang
 *
 *   Licensed under the Apache License, Version 2.0 (the "License");
 *   you may not use this file except in compliance with the License.
 *   You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 *   Unless required by applicable law or agreed to in writing, software
 *   distributed under the License is distributed on an "AS IS" BASIS,
 *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *   See the License for the specific language governing permissions and
 *   limitations under the License.
 *
 ****************************************************************************/
package com.jb.security;

import com.jb.faces.application.FacesMessage;
import com.jb.faces.context.FacesContext;
import com.jb.web.context.WebContext;
import com.jb.web.session.SessionUser;


/**
 * Implementation of SecurityManager that does not do anything for user account
 * information.
 */
 
public class DummySecurityManager implements SecurityManager {
    static final String GUEST = "Guest"; 
    private SessionUserImpl userAccount = null;

    public void initialize(FacesContext ctx) {
        
    }
    public int authorize(FacesContext ctx, SessionUser guest, Object resource) {
        return 0; //guest can see anything
    }
    public void updateUser(FacesContext ctx, SessionUser user) {
        //no op
    }
    public SessionUser login(FacesContext pCtx, String username, char[] password) {
        WebContext ctx =(WebContext)pCtx;
        if (GUEST.equals(username)) {
            return null;
        }

        SessionUserImpl userAccount = new SessionUserImpl();
        userAccount.setId(username);
        userAccount.setUserName(username);
        userAccount.setAccess(1000);
        
        if(password==null)//this should only happen for auto sign in.
        {
            userAccount.setAccess(0);
            return userAccount;
        }
        
        if (username.equals("root") ) {
            if ("welc0me".equals(new String(password))) {
                userAccount.setAccess(0);
                return userAccount;
            } else {
                ctx.addMessage("Security", new FacesMessage("Failed to login as root"));
                return null;
            }
        }


        return userAccount;
    }

    public SessionUser createGuestUser() {
        return new GuestUser();
    }

    public SessionUser createUser(FacesContext ctx, String userName, String password) {
        userAccount = new SessionUserImpl();
        userAccount.setId(userName);
        userAccount.setUserName(userName);
        userAccount.setScreenName(userName);

        return userAccount;
    }

    public SessionUser findUser(FacesContext ctx, String userName) {
        userAccount.setId(userName);
        userAccount = new SessionUserImpl();
        userAccount.setUserName(userName);
        userAccount.setScreenName(userName);

        return userAccount;
    }

    public void logout(FacesContext pCtx, SessionUser user) {
        //
    }

    public String toString() {
        return "DummySecurityManager";
    }
}
